package com.atcc.test.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import com.atcc.test.domain.User;
import com.atcc.test.serviceImpl.SecurityUserDetailsPasswordService;
import com.atcc.test.serviceImpl.SecurityUserService;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
	
	@Autowired
	private SecurityUserService<User> securityUserService;
	
	@Autowired
	private SecurityUserDetailsPasswordService UserDetailsPasswordService;
	
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    	//请求授权的规则
           http
           .authorizeRequests()
           .antMatchers("/").permitAll()
           .antMatchers("/index").hasRole("vip1")
           .antMatchers("/index").hasRole("root")
           .and()
           .formLogin()
           .and()
           .csrf()
           .disable();
           
          
           //开启了注销功能
      //     http.logout()
      //    .logoutSuccessUrl("/logout");
           
      //防止网站工具
      //     http.csrf().disable(); //关闭csrf功能
           
      //     http.rememberMe();
           
    }
    
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    	//认证的规则
    	//密码编码 passwordEncode 
    	//spring security 5 新增很多加密方法
    	auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
    	    .withUser("test").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1","vip2")
    	    .and()
    	    .withUser("test1").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2");
    	
    	//auth.jdbcAuthentication()
    	//.dataSource(null);
    	//auth.userDetailsService(null);
    	
    	auth.userDetailsService(securityUserService);    	
    }
}
